I'm glad someone has made this point. If you lose the security key, it's your fault. If you are going to enable any kind of feature, you should know what the risks and benefits are. It's no different than enabling FileVault 2 on a Mac. A security key is also generated and it's your responsibility not to lose that key should it ever be needed. It's not Apple's fault if you do so. They give plenty of warnings in the documentation and I find it perplexing that someone would then turn around and make such a big deal out of something that comes down to being their fault. My FileVault 2 key is safely stored in two places in case it should ever be needed as with any important data of that kind.
Take Care John D. Panarese Director Mac for the Blind Tel, (631) 724-4479 Email, j...@macfortheblind.com Website, http://www.macfortheblind.com APPLE CERTIFIED SUPPORT PROFESSIONAL FOR MAC OSX 10.7 LION and 10.8 Mountain Lion AUTHORIZED APPLE STORE BUSINESS AFFILIATE MAC and iOS VOICEOVER TRAINING AND SUPPORT > On Dec 9, 2014, at 6:36 PM, Raul A. Gallegos <r...@raulgallegos.com> wrote: > > I don't agree withthis as the Darkside of apple's 2 step authentication for > your safety. If people cannot be responsible to keep their security unlock > key in a safe place then that is not apple's fault. I have the service > enabled and I have all my safe recovery keys in an area that I can get to > from either my iPhone or my computer or my iPad. I would have to experience a > complete shutdown and lack of access from my Windows machine as well as my > Apple devices in order for me to not have access to that key. > > I understand there can be some annoyance with too much security, however > anytime extra security measures are added the companies that are offering the > services are very clear about you needing to keep any sort of recovery keys > available to you at all times. > > > >> On Dec 9, 2014, at 2:10 PM, M. Taylor <mk...@ucla.edu> wrote: >> >> Hello Everyone, >> >> I strongly suggest that you read the following article, very carefully. >> >> The link to the original post may be found at the end of the text. >> >> Mark >> >> The dark side of Apple's two-factor authentication >> >> Earlier this week, a strange message popped up on my Mac that I thought >> nothing of. "You can't sign in because your account was disabled for >> security reasons." I dismissed it in my tired haze, thinking it would solve >> itself and went to sleep. >> >> The next morning, I didn't have time to deal with the message - which was >> now popping up every half hour - for a few hours until it became annoying. I >> figured I'd done something dumb and broken iCloud, but that it could wait. >> >> I'd turned two-factor on my Apple ID in haste when I read Mat Honan's >> harrowing story about how his Mac, iPhone and other devices were wiped when >> someone broke into his iCloud account. That terrified me into thinking about >> real security for the first time. >> >> When I finally had time to investigate the errors appearing on my machine, I >> discovered that not only had my iCloud account been locked, but someone had >> tried to break in. Two-factor had done its job and kept the attacker out, >> however, it had also inadvertently locked me out. >> >> The Apple support page relating to lockouts assured me it would be easy to >> recover my account with a combination of any two of either my password, a >> trusted device or the two-factor recovery key. >> >> When I headed to the account recovery service, dubbed iForgot, I discovered >> that there was no way back in without my recovery key. That's when it hit >> me; I had no idea where my recovery key was or if I'd ever even put the >> piece of paper in a safe place. I've moved since I set up two-factor on >> iCloud. >> >> I began nervously scouring the entire house for the code, before giving up >> after a few frustrating hours and began searching my computer for any trace >> of it. I found countless "recovery keys" but they weren't for the right >> things; for my Mac's hard-drive encryption, Twitter, Facebook and other >> accounts, but not for my Apple ID. >> >> How could I be foolish enough to misplace my Apple ID recovery key? >> I swore that I'd taken a screenshot, printed it and had taken a photo of it >> with my iPhone for extra safekeeping. >> >> This is when it began to sink in that this single ID held the keys to much >> of my digital life; everything from iTunes purchases going back seven years, >> app purchases and even the ability to get my iPhone out of the grips of Find >> my iPhone's lock. >> >> The sinking feeling began. After fruitlessly searching and a lot of cussing, >> I decided to call Apple. I figured that something must be wrong, since the >> support page claims you can use trusted devices to recover your ID in cases >> like this. >> >> The first person I spoke to told me immediately after getting on the phone >> that in no uncertain terms I had forfeit my Apple ID by losing the recovery >> key. He refused to help me. I hung up and called back. >> >> On the second call, I got a lovely woman who totally understood my plight >> and how terrible it was. She told me a similar thing had happened to her, >> and it had turned out OK. After 20 minutes of poking around and lots of >> awkward sighing, she put me on hold to talk to a senior manager. >> >> When she got back on the line, the story was just as bleak. "We take your >> security very seriously at Apple" she told me "but at this time we cannot >> grant you access back into your Apple account. We recommend you create a new >> Apple ID." >> >> I couldn't believe what I was hearing and fought back that surely there was >> some other way, but I was told point blank that Apple would not help me. I >> offered a scan of my government ID, my trusted devices and other proof that >> it was me. Nope, that won't do for Apple in this situation. She apologized >> profusely and said there was nothing more should do. >> >> Furious about the situation, I took to Twitter in a fit of rage, complaining >> that Apple couldn't help me out of a dumb situation, in which I could easily >> prove who I was. It was frustrating enough that when setting up my Apple ID, >> the company assured me I could recover the account with a trusted device. >> >> I know it was stupid that I'd lost the recovery key but I'd set it up so >> long ago I couldn't remember where it would conceivably be. There's only so >> many things I can keep track of. Besides, I figured I'd be able to use >> trusted device to get out of a mess like this. >> >> I'd looked almost everywhere twice by this point. Who remembers stuff like >> this? >> >> Apple's two factor signup process tries to point out the importance of the >> key when you set it up. >> You have to print the key, then re-enter it to show that you've got it. I >> don't think this step existed when it launched. >> >> So, I pushed on, resuming the hunt. As 24 hours without my Apple ID >> approached, iMessage broke and my devices all started incessantly >> complaining that the account was locked, amplifying an already frustrating >> situation. >> >> Figuring that maybe I'd just had bad luck with the phone, I tried Apple's >> online chat service. I got the exact same answer; "We take your security >> very seriously at Apple, but we cannot help in this situation." I pointed >> out that the security page said otherwise, so the chat person put me on the >> phone with an iTunes senior advisor. >> >> After a few minutes of "uhhhh" on the other end of the phone, I got my third >> "we take your security very seriously at Apple, this account will be >> permanently disabled unless you can find the recovery key." I argued my >> point that I had both my trusted devices and my password as required by the >> support page, but was told this was irrelevant because someone else had >> tried to get into my account. >> >> I talked to a friend who knew people at Apple who told me that the security >> folks said the iForgot page is final. There's nothing they can do. >> >> Basically, I was locked out of my entire digital life, because someone had >> tried to hack me. The irony of the fact that my increased security had >> ultimately locked me out dawned on me, mixed with tiredness and frustration, >> so after taking a moment to scream internally, I started furiously searching >> ancient time machine backups. >> >> As I searched the depths of my time machine backups and was on the phone for >> the fifth (or even sixth) time to iCloud support, I found an old picture I'd >> taken on my iPhone of a screen. It was my recovery key. I started crying >> tears of joy at this point. The Apple rep on the phone started clapping and >> was very glad to get out of continuing to argue with me. >> >> The only time I've ever been glad to have taken a picture of my screen >> >> If I hadn't managed to find this key or had never bothered to save it in the >> first place, I would have lost the Apple ID forever. If I hadn't made a time >> machine backup of my machine before it got corrupted earlier this year, I'd >> have been out of luck entirely. >> >> Apple support told me that the security lock doesn't expire, so there's no >> way to get around requiring the key, even though its support site says you >> can use trusted devices. You're simply not given that option when your >> account is locked. >> >> What's perplexing is it wasn't even technically my fault. Someone tried to >> guess their way into my account and it was locked as a result; I didn't do >> anything wrong, yet I was entirely locked out because I couldn't find the >> key. >> >> Apple's support page had given me false hope, because I expected to be able >> to use a combination of my password and trusted devices to recover from >> being locked out if it ever happened. >> >> This isn't the case when your account is locked; what Apple doesn't tell you >> is that when your account is locked (because of too many attempts) your >> password is not a valid recovery option and you'll need your recovery key. >> >> What if I was carrying the key in my wallet and I was robbed, like this poor >> user on Stack Overflow? Apple still wouldn't (or couldn't) help you, because >> it's "impossible" to recover an Apple ID without that key, according to its >> support staff. >> >> Apple's changing security policy >> One has to wonder if it was previously possible, before Mat's social >> engineering hack or the iCloud celebrity hackings took place, to recover a >> two-factor enabled account by using Apple Support. The "we take your >> security very seriously at Apple" line seems like it's been rehearsed and >> drilled into the support staff's heads so that the same scandals don't >> happen again. >> >> I asked Apple PR about this situation, who told me that the support article >> is correct. If you lose your recovery key with two factor enabled, you lose >> your account. Apple can't help you. >> >> I've learnt my lesson about treating recovery keys with extreme caution from >> this. I never knew that I'd have no hope of recovery if it was lost; I'd >> been lulled into a false sense of security, figuring that my trusted devices >> would get me back into locked account. >> >> From now on, I'll know exactly where each recovery key is. I urge you to do >> the same. >> >> http://thenextweb.com/apple/2014/12/08/lost-apple-id-learnt-hard-way-careful >> -two-factor-authentication/ >> >> -- >> The following information is important for all members of the viphone list. >> All new members to the this list are moderated by default. If you have any >> questions or concerns about the running of this list, or if you feel that a >> member's post is inappropriate, please contact the owners or moderators >> directly rather than posting on the list itself. The archives for this list >> can be searched at http://www.mail-archive.com/viphone@googlegroups.com/. >> --- >> You received this message because you are subscribed to the Google Groups >> "VIPhone" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to viphone+unsubscr...@googlegroups.com. >> To post to this group, send email to viphone@googlegroups.com. >> Visit this group at http://groups.google.com/group/viphone. >> For more options, visit https://groups.google.com/d/optout. > > -- > The following information is important for all members of the viphone list. > All new members to the this list are moderated by default. If you have any > questions or concerns about the running of this list, or if you feel that a > member's post is inappropriate, please contact the owners or moderators > directly rather than posting on the list itself. The archives for this list > can be searched at http://www.mail-archive.com/viphone@googlegroups.com/. > --- > You received this message because you are subscribed to the Google Groups > "VIPhone" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to viphone+unsubscr...@googlegroups.com. > To post to this group, send email to viphone@googlegroups.com. > Visit this group at http://groups.google.com/group/viphone. > For more options, visit https://groups.google.com/d/optout. -- The following information is important for all members of the viphone list. All new members to the this list are moderated by default. If you have any questions or concerns about the running of this list, or if you feel that a member's post is inappropriate, please contact the owners or moderators directly rather than posting on the list itself. The archives for this list can be searched at http://www.mail-archive.com/viphone@googlegroups.com/. --- You received this message because you are subscribed to the Google Groups "VIPhone" group. To unsubscribe from this group and stop receiving emails from it, send an email to viphone+unsubscr...@googlegroups.com. To post to this group, send email to viphone@googlegroups.com. Visit this group at http://groups.google.com/group/viphone. For more options, visit https://groups.google.com/d/optout.
